Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

suexec problem

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users suexec problem
# 1  
Old 03-07-2008
suexec problem
Hi all,
I am trying to setup apache w/ suexec to avoid permission problems w/ apache user and website user and also to be able to run a second (test) domain on the same server.
So far I got fcgi w/o suexec running perfectly (logs confirm that). But as soon as I enable the suexec statement in the vhost config I get 500's.
Suexec log shows this :
[2008-03-07 10:33:54]: uid: (1002/galac4) gid: (1004/1004) cmd: php5.fcgi
[2008-03-07 10:33:54]: cannot stat program: (php5.fcgi)

After examining the source of suexec I found that that error means, that suexec thinks that there is a symlink to the php5.fcgi, which is not. here the output of stat from console entry done with a copy of the fcgi entry in the vhost definition:

stat /var/www/galactics/fcgi-bin/php5.fcgi
File: `/var/www/galactics/fcgi-bin/php5.fcgi'
Size: 183 Blocks: 8 IO Block: 4096 regular file
Device: 801h/2049d Inode: 1655474 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 1002/ galac4) Gid: ( 1004/ galac4)
Access: 2008-03-06 21:00:35.000000000 -0500
Modify: 2008-03-07 10:32:04.000000000 -0500
Change: 2008-03-07 10:32:04.000000000 -0500

Here is the contens of the php5.fcgi :

#!/bin/sh
#PHPRC=$PWD/../etc
#export PHPRC
#umask 022
#PHP_FCGI_CHILDREN=1
#export PHP_FCGI_CHILDREN
#SCRIPT_FILENAME=$PATH_TRANSLATED
#export SCRIPT_FILENAME
exec /usr/bin/php5-cgi

Have already commented out everything unrelated, still no go (remember, if suexec is not used in the vhost declaration, everything works fine)

Here is the suexec output :
/usr/lib/apache2/suexec2 -V

-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="www-data"
-D AP_LOG_EXEC="/var/log/apache2/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"

Site is defined in /var/www/galactics/public_html, all permissions checked, all set to that user.
I already have read everything I could find on the net about suexec, the apache docs, analyzed the suexec code. No success.

here is the vhost config:
I have other servers running with this configuration, quite similar and no probs. It looks like suexec has trouble finding/analyzing that wrapper (php5.fcgi). I quadrupel checked the vhost setup, all correct. here it is (suexec commented out as that otherwise throws that 500 error.:

<VirtualHost *:80>
ServerAdmin webmaster@galactics.org
ServerName GALACTICS Clearwater International F.C. - Home
ServerAlias galactics.org
# SuexecUserGroup galac4 galac4

DocumentRoot /var/www/galactics/public_html
ErrorLog /var/www/galactics/logs/error_log
CustomLog /var/www/galactics/logs/access_log combined
ScriptAlias /cgi-bin/ /var/www/galactics/cgi-bin/
DirectoryIndex index.php index.html index.htm

<Directory /var/www/galactics/public_html>
Options Indexes IncludesNOEXEC FollowSymLinks ExecCGI
allow from all
AllowOverride All
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /var/www/galactics/fcgi-bin/php5.fcgi .php
FCGIWrapper /var/www/galactics/fcgi-bin/php5.fcgi .php5
</Directory>
RemoveHandler .php
RemoveHandler .php5

<Directory /var/www/galactics/cgi-bin>
allow from all
</Directory>

LogLevel debug

ServerSignature Off
</VirtualHost>

Anybody there with a hint what to do?

Harry
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

SUEXEC with passwordless option

Hi, I am using the below command in suexec -u webuser /local/Tomcat7//0/tc7u/tomcat7.sh status But it prompts for the password of executing user. Let me know if any options available for passwordless or supplying password in script. (0 Replies)
Discussion started by: pravinbtech
0 Replies

2. IP Networking

Router problem or ISP problem ?

Hi everyone, I am experiencing discontinuity of Internet service, this started 1 month ago. Everything worked very well for 1 year of intensive use, but now, I have problems reaching my gateway. The gateway is not my router but a node belonging to my ISP and I share the same public IP with... (3 Replies)
Discussion started by: remic
3 Replies

3. UNIX for Dummies Questions & Answers

sed Or Grep Problem OR Terminal Problem?

I don't know if you guys get this problem sometimes at Terminal but I had been having this problem since yesterday :( Maybe I overdid the Terminal. Even the codes that used to work doesn't work anymore. Here is what 's happening: * I wanted to remove lines containing digits so I used this... (25 Replies)
Discussion started by: Nexeu
25 Replies

4. IP Networking

Problem with forwarding emails (SPF problem)

Hi, This is rather a question from a "user" than from a sys admin, but I think this forum is apropriate for the question. I have an adress with automatic email forwarding and for some senders (two hietherto), emails are bouncing. This has really created a lot of problems those two time so I... (0 Replies)
Discussion started by: carwe
0 Replies

5. AIX

user login problem & Files listing problem.

1) when user login to the server the session got colosed. How will resolve? 2) While firing the command ls -l we are not able to see the any files in the director. but over all view the file system using the command df -g it is showing 91% used. what will be the problem? Thanks in advance. (1 Reply)
Discussion started by: pernasivam
1 Replies

6. Shell Programming and Scripting

ssh script problem problem

Hi Please help me with the following problem with my script. The following block of code is not repeating in the while loop and exiting after searching for first message. input_file ========== host001-01 host001-02 2008-07-23 13:02:04,651 ConnectionFactory - Setting session state... (2 Replies)
Discussion started by: pcjandyala
2 Replies

7. UNIX for Dummies Questions & Answers

How to use Suexec with Apache2 ?

Hello guys I'm trying to use Suexec in my computer. I've installed apache with default settings (so Suexec is installed with my emerge Apache , Gentoo) . My settings on /etc/conf.d/apache2 # SUEXEC Enables running CGI scripts (in USERDIR) through suexec. # USERDIR Enables /~username... (1 Reply)
Discussion started by: kernings
1 Replies

8. UNIX for Advanced & Expert Users

apache suexec

I compiled apache 1.3.33 with suexec support like ./configure \ "--with-layout=Apache" \ "--prefix=/usr/local/apache" \ "--enable-module=ssl" \ "--activate-module=src/modules/php4/libphp4.a" \ "--activate-module=src/modules/perl/libperl.a" \ "--enable-module=perl" \ "--enable-module=most"... (0 Replies)
Discussion started by: hassan1
0 Replies

9. UNIX for Dummies Questions & Answers

Suexec solution

guys here's a section of my program written in perl. This part is used to create directories with 777 mode. Now i know about 777 being a security hole. Could anyone provide me a possible solution to this using suexec????????? Segment system mkdir ".$file_folder", 0777 or die "Can't make... (13 Replies)
Discussion started by: the_last_rites
13 Replies

10. UNIX for Advanced & Expert Users

SSH Problem auth problem

Hi, Just recently we seem to be getting the following error message relating to SSH when we run the UNIX script in background mode: warning: You have no controlling tty. Cannot read confirmation.^M warning: Authentication failed.^M Disconnected; key exchange or algorithm negotiation... (1 Reply)
Discussion started by: budrito
1 Replies
Login or Register to Ask a Question